Re: [PATCH v2 3/3] efi/capsule: Add support for Quark security header

On Wed, Apr 19, 2017 at 9:33 PM, Jan Kiszka wrote: > The firmware for Quark X102x prepends a security header to the capsule > which is needed to support the mandatory secure boot on this processor. > The header can be detected by checking for the "_CSH" signature and - >

Re: [PATCH V15 01/11] acpi: apei: read ack upon ghes record consumption

On Wed, Apr 19, 2017 at 02:31:13PM -0600, Baicar, Tyler wrote: > Will do. You don't necessarily have to reply with "will do" if you agree with the review. Also, please wait until I've gone through the whole pile before sending it again. Thanks. -- Regards/Gruss, Boris. Good mailing

Re: [PATCH V15 01/11] acpi: apei: read ack upon ghes record consumption

On 4/19/2017 12:31 PM, Borislav Petkov wrote: On Tue, Apr 18, 2017 at 05:05:13PM -0600, Tyler Baicar wrote: A RAS (Reliability, Availability, Serviceability) controller may be a separate processor running in parallel with OS execution, and may generate error records for consumption by the OS.

Re: [PATCH] arm64: xen: Implement EFI reset_system callback

On Wed, Apr 19, 2017 at 08:37:38PM +0100, Matt Fleming wrote: > On Wed, 19 Apr, at 09:29:06PM, Daniel Kiper wrote: > > On Tue, Apr 18, 2017 at 02:46:50PM +0100, Matt Fleming wrote: > > > On Thu, 06 Apr, at 04:55:11PM, Mark Rutland wrote: > > > > > > > > Please, let's keep the Xen knowledge

Re: [PATCH] arm64: xen: Implement EFI reset_system callback

On Wed, 19 Apr, at 09:29:06PM, Daniel Kiper wrote: > On Tue, Apr 18, 2017 at 02:46:50PM +0100, Matt Fleming wrote: > > On Thu, 06 Apr, at 04:55:11PM, Mark Rutland wrote: > > > > > > Please, let's keep the Xen knowledge constrained to the Xen EFI wrapper, > > > rather than spreading it further. > >

Re: [PATCH] arm64: xen: Implement EFI reset_system callback

On Tue, Apr 18, 2017 at 02:46:50PM +0100, Matt Fleming wrote: > On Thu, 06 Apr, at 04:55:11PM, Mark Rutland wrote: > > > > Please, let's keep the Xen knowledge constrained to the Xen EFI wrapper, > > rather than spreading it further. > > > > IMO, given reset_system is a *mandatory* function, the

[PATCH v2 3/3] efi/capsule: Add support for Quark security header

The firmware for Quark X102x prepends a security header to the capsule which is needed to support the mandatory secure boot on this processor. The header can be detected by checking for the "_CSH" signature and - to avoid any GUID conflict - validating its size field to contain the expected value.

[PATCH v2 0/3] efi: add support for non-standard capsule headers

This picks up the patches Ard send before in [1], including the "left-over" patches 6..8. As Ard suggested, I've taken updated patches 6 and 7 of him from [2] which address reviewer comments. Furthermore, I've changed patch 8 to factor out the Quark quirk logic from the overloaded

[PATCH v2 2/3] efi/capsule-loader: Use page addresses rather than struct page pointers

From: Ard Biesheuvel To give some leeway to code that handles non-standard capsule headers, let's keep an array of page addresses rather than struct page pointers. This gives special implementations of efi_capsule_setup_info() the opportunity to mangle the payload a

[PATCH v2 1/3] efi/capsule-loader: Redirect calls to efi_capsule_setup_info via weak alias

From: Ard Biesheuvel To allow platform specific code to hook into the capsule loading routines, indirect calls to efi_capsule_setup_info() via a weak alias of __efi_capsule_setup_info(), allowing platforms to redefine the former but still use the latter. Cc: Matt

Re: [PATCH V15 01/11] acpi: apei: read ack upon ghes record consumption

On Tue, Apr 18, 2017 at 05:05:13PM -0600, Tyler Baicar wrote: > A RAS (Reliability, Availability, Serviceability) controller > may be a separate processor running in parallel with OS > execution, and may generate error records for consumption by > the OS. If the RAS controller produces multiple

Re: [PATCH v5 01/32] x86: Documentation for AMD Secure Memory Encryption (SME)

On Wed, Apr 19, 2017 at 09:23:47AM -0500, Tom Lendacky wrote: > Btw, I tried to update all the subjects and descriptions to be > more descriptive but I'm sure there is still room for improvement > so keep the comments on them coming. No worries there :) > Note, just because the bit is set in

[PATCH 4.10 22/69] x86/efi: Dont try to reserve runtime regions

4.10-stable review patch. If anyone has any objections, please let me know. -- From: Omar Sandoval commit 6f6266a561306e206e0e31a5038f029b6a7b1d89 upstream. Reserving a runtime region results in splitting the EFI memory descriptors for the runtime region. This

[PATCH 4.10 31/69] efi/libstub: Skip GOP with PIXEL_BLT_ONLY format

4.10-stable review patch. If anyone has any objections, please let me know. -- From: Cohen, Eugene commit 540f4c0e894f7e46a66dfa424b16424cbdc12c38 upstream. The UEFI Specification permits Graphics Output Protocol (GOP) instances without direct framebuffer

[PATCH 4.10 32/69] efi/fb: Avoid reconfiguration of BAR that covers the framebuffer

4.10-stable review patch. If anyone has any objections, please let me know. -- From: Ard Biesheuvel commit 55d728a40d368ba80443be85c02e641fc9082a3f upstream. On UEFI systems, the PCI subsystem is enumerated by the firmware, and if a graphical

[PATCH 4.9 24/69] efi/libstub: Skip GOP with PIXEL_BLT_ONLY format

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Cohen, Eugene commit 540f4c0e894f7e46a66dfa424b16424cbdc12c38 upstream. The UEFI Specification permits Graphics Output Protocol (GOP) instances without direct framebuffer

Re: [PATCH v5 01/32] x86: Documentation for AMD Secure Memory Encryption (SME)

On 4/19/2017 4:02 AM, Borislav Petkov wrote: Always have a verb in the Subject to form a "do this" or "do that" sentence to better explain what the patch does: "Subject: [PATCH v5 01/32] x86: Add documentation for AMD Secure Memory Encryption (SME)" Will do. Btw, I tried to update all the

Re: [PATCH v5 01/32] x86: Documentation for AMD Secure Memory Encryption (SME)

Borislav Petkov wrote: > "Subject: [PATCH v5 01/32] x86: Add documentation for AMD Secure Memory > Encryption (SME)" Or: x86: Document AMD Secure Memory Encryption (SME) support David -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body

Re: [PATCH v5 01/32] x86: Documentation for AMD Secure Memory Encryption (SME)

Always have a verb in the Subject to form a "do this" or "do that" sentence to better explain what the patch does: "Subject: [PATCH v5 01/32] x86: Add documentation for AMD Secure Memory Encryption (SME)" On Tue, Apr 18, 2017 at 04:16:25PM -0500, Tom Lendacky wrote: > Create a Documentation